[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: duplicate library code in a package

On Wed, Sep 28, 2005 at 01:36:02PM -0400, Roberto C. Sanchez wrote:
> On Wed, Sep 28, 2005 at 12:07:08PM -0500, Carlo Segre wrote:
> > On Wed, 28 Sep 2005, Roberto C. Sanchez wrote:
> > 
> > >On Wed, Sep 28, 2005 at 06:15:12PM +0200, Tommaso Moroni wrote:
> > >>Hi!
> > >>
> > >>I'm packaging kchmviewer, which uses a version of chmlib bundled
> > >>in the upstream tarball.
> > >>
> > >>Is it a Bad Thing to use that library instead of depending on the
> > >>official packaged one?
> > >
> > >Yes(TM), it is a Bad Thing(TM).
> > >
> > >If the official library is suitable, then use it.  It will:
> > >
> > >- absolve you of providing security support for the duplicate code
> > >- make the resulting binary packages fewer or smaller
> > >- save space on end user systems and repository mirror sites
> > >
> > 
> > Don't delete it form the upstream tarball though or your diffs will be huge.  
> > Just disable the compilation in the makefiles.
> > 
> > Carlo
> An excellent point.  I imagine that it would also be permissible to
> repackage the .orig.tar.gz file so that it is gone from there as well.
Usually only 3 reasons are sufficient justification for repackaging.

 1) non DFSG material included;
 2) large binaries included;
 3) multiple "dependent" upstream source tarballs required for
    building a single binary package

Bill lists some other ones here:

My comments within:
  --- Files have stupid permissions.
This is probably not a valid reason, in itself; just run
chmod -R u=Xg=o= or whatever in ./debian/rules.

  --- tarball contains files at the root.
 As Joerg notes in the New Queue Reject Faq, this is not a valid
 reason; dpkg-source deals with this just fine.

  --- Some files are not DFSG free.

  --- You can't add binary files (e.g. icons) in a diff. Using uuencode 
      is not optimal.  Sometimes it is better to sneak them in the
      source tarball.
That's one way; Theodore Ts'o does it by putting them in the .diff.gz.

  --- tarball include large stuff that we don't want to package.
I think this is only sufficient justification if its very large, like
over 50% of the source package size, and tens of megabytes.

The other 3 things listed are also okay..

Clear skies,

Reply to: